Welcome to Cloud Computing Fundamentals. Copyright © 1996, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015 EMC Corporation. All Rights Reserved. EMC believes the information in this publication is accurate as of its publication date. The information is subject to change without notice. THE INFORMATION IN THIS PUBLICATION IS PROVIDED “AS IS.” EMC CORPORATION MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WITH RESPECT TO THE INFORMATION IN THIS PUBLICATION, AND SPECIFICALLY DISCLAIMS IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Use, copying, and distribution of any EMC software described in this publication requires an applicable software license. EMC2, EMC, Data Domain, RSA, EMC Centera, EMC ControlCenter, EMC LifeLine, EMC OnCourse, EMC Proven, EMC Snap, EMC SourceOne, EMC Storage Administrator, Acartus, Access Logix, AdvantEdge, AlphaStor, ApplicationXtender, ArchiveXtender, Atmos, Authentica, Authentic Problems, Automated Resource Manager, AutoStart, AutoSwap, AVALONidm, Avamar, Captiva, Catalog Solution, C-Clip, Celerra, Celerra Replicator, Centera, CenterStage, CentraStar, ClaimPack, ClaimsEditor, CLARiiON, ClientPak, Codebook Correlation Technology, Common Information Model, Configuration Intelligence, Configuresoft, Connectrix, CopyCross, CopyPoint, Dantz, DatabaseXtender, Direct Matrix Architecture, DiskXtender, DiskXtender 2000, Document Sciences, Documentum, elnput, E-Lab, EmailXaminer, EmailXtender, Enginuity, eRoom, Event Explorer, FarPoint, FirstPass, FLARE, FormWare, Geosynchrony, Global File Virtualization, Graphic Visualization, Greenplum, HighRoad, HomeBase, InfoMover, Infoscape, Infra, InputAccel, InputAccel Express, Invista, Ionix, ISIS, Max Retriever, MediaStor, MirrorView, Navisphere, NetWorker, nLayers, OnAlert, OpenScale, PixTools, Powerlink, PowerPath, PowerSnap, QuickScan, Rainfinity, RepliCare, RepliStor, ResourcePak, Retrospect, RSA, the RSA logo, SafeLine, 
SAN Advisor, SAN Copy, SAN Manager, Smarts, SnapImage, SnapSure, SnapView, SRDF, StorageScope, SupportMate, SymmAPI, SymmEnabler, Symmetrix, Symmetrix DMX, Symmetrix VMAX, TimeFinder, UltraFlex, UltraPoint, UltraScale, Unisphere, VMAX, Vblock, Viewlets, Virtual Matrix, Virtual Matrix Architecture, Virtual Provisioning, VisualSAN, VisualSRM, Voyence, VPLEX, VSAM-Assist, WebXtender, xPression, xPresso, YottaYotta, the EMC logo, and where information lives, are registered trademarks or trademarks of EMC Corporation in the United States and other countries. All other trademarks used herein are the property of their respective owners. © Copyright 2015 EMC Corporation. All rights reserved. Published in the USA. Revision Date: 30/01/2015 Revision Number: MR-5WN-CLDFDS 2.0
Copyright 2015 EMC Corporation. All rights reserved.
Cloud Computing Fundamentals
This course covers cloud computing fundamentals including its characteristics, benefits, service models, and deployment models. It details the elements that commonly exist in a cloud environment including their functions and interactions. The course also describes emerging cloud standards for portability, interoperability, and security. It gives you an overview of the integration of social, mobile, and big data with cloud computing. It also touches upon EMC’s products, solutions, and services for cloud computing. The course follows the U.S. National Institute of Standards and Technology as a guide for all definitions of cloud computing.
This module focuses on the definition, characteristics, and benefits of cloud computing.
In this course, we will use the U.S. National Institute of Standards and Technology definition of cloud computing, as it has become the de facto definition of cloud computing. The National Institute of Standards and Technology defines cloud computing as a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction. A cloud infrastructure is built, operated, and managed by a cloud provider. The provider is an organization that provides cloud services to the cloud users or consumers. The consumer is an individual or an organization that is a customer of a cloud. The provider may be an external provider or internal to the consumer organization; for example the IT department. The provider maintains shared pools of IT resources, and the resources are made available to consumers from the pool. Consumers access resources over a network, such as the Internet or an intranet. In general, a cloud and its consumers employ the client-server model. In this model, the consumers (the clients) send requests over a network to the servers in a cloud. The servers then perform operations in response to the received requests. The following slides will further elaborate cloud computing.
Business executives cite business agility as a key to achieving success in the fast-paced and rapidly evolving IT market. Business agility ensures quick time-to-market and improved competitive advantage. The other key success factors regarded by businesses are reduction of IT infrastructure investment, improved resource utilization, and reduction of IT management complexity and cost. Traditionally, IT resources such as hardware and software are often acquired by businesses to support their business applications. The acquisition and provisioning of new resources commonly follow a rigid procedure that includes approvals from the concerned authorities. As a result, they may take up a considerable amount of time. This can delay operations and increase the time-to-market. Additionally, to the extent allowed by budget, the IT resources required for an application are sized based on peak usage. This results in incurring high up-front capital expenditure (CAPEX) even though the resources remain underutilized for a majority of the time. As workloads continue to grow and new technologies emerge, businesses may not be able to afford investments that increase proportionally. Further, a significant portion of the IT budget goes to support and maintain the existing IT infrastructure, leaving little left to provide innovative solutions to business. These long-standing pain points can be mitigated by the adoption of cloud computing.
In cloud computing, users rent IT resources such as storage, processing, network bandwidth, application, or a combination of them as cloud services. Cloud computing enables on-demand resource provisioning and scalability. IT resources are provisioned by the users using a self-service portal backed by an automated fulfillment process. These provide quick time-to-market, and potentially, competitive advantage. Resource consumption is measured by using a metering service which may help in billing users as per consumption. Users can de-provision the rented resources when resources are no longer needed. This reduces investment in IT infrastructure and improves resource utilization. This also reduces expenses associated with IT infrastructure management, floor space, power, and cooling. Further, reduction of IT maintenance tasks can drive new business initiatives, discovery of new markets, and innovation.
Traditionally, both businesses and individuals have faced several challenges. From a business perspective, each advancing wave of technology and business sophistication changes the way IT works. Businesses must adopt new IT products and solutions rapidly to stay competitive in the market. This may force organizations to periodically upgrade their IT infrastructure and acquire new software and hardware resources. As an organization’s capital expenditure (CAPEX) rises, the risk associated with the investment also increases. For small and medium-sized businesses, this may be a big challenge, which eventually restricts their ability to grow. As an individual, it may not be sensible or affordable to purchase new applications every time, if you need them only for a brief period. This slide shows various requirements and constraints from a business perspective as well as an individual perspective. The following slide describes the way a cloud can address these constraints and requirements.
The cloud model is similar to a utility service, such as an electricity service. In the case of an electricity service, a consumer plugs in an electrical appliance to a socket and turns it on. The consumer is typically unaware of how the electricity is generated or distributed. The consumer only pays for the amount of electricity consumed. Similarly, to the cloud consumers, the cloud is an abstraction of IT infrastructure, from which they rent IT resources as services, without any accompanied risks or associated costs of owning the resources. The consumers only pay for the services they use – either based on a subscription or based on resource consumption. Many organizations now view cloud as an extension of their IT resource procurement strategy. In the future it may become a predominant way for organizations to use computing technology. Through cloud computing, even smaller organizations can get the required IT resources and compete with larger organizations, which seemed expensive and often cost-prohibitive earlier.
The U.S. National Institute of Standards and Technology specifies that the cloud model is composed of five essential characteristics. These are on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. These characteristics are described in the following slides.
In cloud computing, the consumers have the ability to provision the required IT resources on demand from a cloud, at any time they want. Self-service means that the consumers themselves carry out all the activities required to provision the cloud resources. To enable on-demand self-service provisioning, a cloud provider makes a simple and user-friendly self-service portal available. The self-service portal is a website that allows consumers to view and order cloud services. The cloud provider publishes a service catalog on the self-service portal. The service catalog offers customers a limited and standardized set of service offerings that have been pre-defined based on the provider’s expertise, technology, skill of personnel, and on market demand. A consumer may view the service catalog to know what cloud services are available, their features and price, and consumer-specific values of the services. Additionally, a service catalog allows a consumer to request or order a service from the catalog in a self-service way. The request gets processed automatically, without human intervention from the cloud provider’s side. This considerably reduces the time needed to provision new or additional IT resources.
Consumers access cloud services using any client or end-point device from anywhere over a network, such as the Internet or an organization’s private network. For instance, a cloud application, such as word processing software, can be accessed and used at any time over the Internet. Users can access and edit documents from any Internet-connected device, eliminating the need to install the application on the device. Client devices may have heterogeneous underlying hardware and software platforms. Cloud services are usually accessed using web services. Web services allow a client application to request data and computations from a web server in a cloud and the web server to return the responses. The client application could be a web browser or any web service application. Web services enable clients to communicate with web servers in a cloud through the use of standard web protocols, commonly Hypertext Transfer Protocol (HTTP). Web services are primarily based on either the Simple Object Access Protocol (SOAP) specification or the Representational State Transfer (REST) architectural style. A discussion of Simple Object Access Protocol and Representational State Transfer is beyond the scope of this course.
A resource pool is a logical abstraction of aggregated computing resources, such as processing power, memory capacity, storage, and network bandwidth, that are managed centrally. Cloud services obtain computing resources from resource pools. Resources from the resource pools are dynamically allocated according to the consumer demand up to a limit defined for each cloud service. The allocated resources are returned to the pool when they are released by consumers, making them available for reallocation. The figure on the slide shows the allocation of resources from a resource pool to service A and service B that are assigned to consumer A and consumer B respectively. In cloud computing, resources are pooled to serve multiple consumers. This is known as a multi-tenant model. Multi-tenancy refers to an architecture in which multiple independent consumers or tenants are serviced by using a single set of resources. The multi-tenant model enables a provider to offer services at a lower cost through economy of scale. It also helps the providers to achieve high levels of resource utilization. Virtualization is the key enabling technology for resource pooling and multi-tenancy in the cloud. However, it is possible to build a cloud infrastructure and offer cloud services without the use of virtualization.
Rapid elasticity refers to the ability of the consumers to quickly request, receive, and later release as many resources as needed up to a limit defined for each cloud service. The characteristic of rapid elasticity gives the consumers a sense of availability of unlimited cloud resources that can be provisioned at any time. It enables consumers to adapt to the variations in workloads—by quickly expanding or reducing resources—as well as maintain the required performance level proportionately. For example, to handle an increased workload, an organization requires double the processing capacity for a specific duration. For the remaining period, the organization might want to release the idle resources to save costs. The workload variations may be seasonal or transient. The consumers can leverage the ‘rapid elasticity’ characteristic of a cloud infrastructure when they have such variations in workloads and IT resource requirements.
A cloud has a metering system that measures the resource consumption and helps in generating bills for the consumers, based on the resources used by them. It measures the number of units of service usage per consumer and reports the price for the consumed units. Examples of a service unit are: per GB of storage, per transaction, and per hour of application usage. The billing reports are generated, based on the price per unit and the number of units consumed of a service. The billing report is visible to consumers through the self-service portal. The metering system also provides information about the current demand on the cloud, and helps the cloud providers with capacity and service planning.
Let us understand the benefits of cloud computing from a consumer’s perspective, beginning with business agility. Cloud computing provides the capability to provision IT resources quickly and at any time, thereby considerably reducing the time required to deploy new applications and services. This enables businesses to reduce the time-to-market and to respond more quickly to market changes. Cloud computing enables the consumers to rent any required IT resources based on pay-per-use or subscription pricing. This reduces a consumer’s IT capital expenditure as investment is required only for the resources needed to access the cloud services. Further, the consumer rents only those resources from the cloud that are required, thereby eliminating the underutilized resources. Additionally, the expenses associated with IT infrastructure configuration, management, floor space, power, and cooling are reduced. Cloud computing has the ability to ensure availability at varying levels, depending on the provider’s policy towards service availability. Redundant infrastructure components enable fault tolerance for cloud deployments. Moreover, data in a cloud can be broken into small pieces and distributed across a large cluster of nodes in such a manner that an entire data set can be reconstructed even if there is failure of individual nodes. Additionally, cloud-based applications may be capable of maintaining limited functionality even when some of their components, modules, or supporting services are not available. A service provider may also create multiple service availability zones both within and across geographically dispersed data centers. A service availability zone is a location with its own set of resources. Each zone is isolated from the other zone so that a failure in one zone does not impact the other. If a service is distributed among several zones, consumers of that service can fail over to other zones in the event of a zone failure.
In cloud computing, consumers can unilaterally and automatically scale IT resources to meet the workload demand. This is significantly more cost-effective than buying new IT resources that are only used for a short time or only during specific periods. In cloud computing, applications and data reside centrally and can be accessed from anywhere over a network from any device such as desktop, mobile, and thin client. This eliminates a consumer’s dependency on a specific end-point device. This also enables Bring Your Own Device (BYOD), which is a recent trend in computing, whereby employees are allowed to use non-company devices as business machines. Moreover, when an organization uses cloud services, their infrastructure management tasks are reduced to managing only those resources that are required to access the cloud services. The cloud infrastructure is managed by the cloud provider and tasks such as software updates and renewals are handled by the provider.
Cloud computing enables collaboration between disparate groups of people by allowing them to share resources and information and access them simultaneously from a wide range of locations. For example, employees in an organization can place a document centrally in the cloud, enabling them to access it at the same time. This eliminates the need to send files back and forth via email. A cloud can also be leveraged to ensure business continuity. It is possible for IT services to be rendered unavailable due to causes such as natural disasters, human error, technical failures, and planned maintenance. The unavailability of IT services can lead to significant financial losses to organizations and may also affect their reputations. However, having a remote secondary site for disaster recovery involves additional capital expenditure and administrative overheads. Through the use of cloud business continuity solutions, an organization can mitigate the impact of downtime and recover from outages that adversely affect business operations. For example, an organization may use cloud-based backup for maintaining additional copies of their data, which can be retrieved in the event of an outage. An organization can also save on the capital expenses required for implementing a backup solution for their IT infrastructure.
This module covered the definition, characteristics, and benefits of cloud computing.
This module focuses on cloud service models and cloud deployment models.
The U.S. National Institute of Standards and Technology defines three cloud service models and four cloud deployment models as listed on the slide. A cloud service model specifies the services and the capabilities that are provided to the consumers. A cloud deployment model provides a basis for how cloud infrastructure is built, managed, and accessed. Each cloud deployment model may be used for any of the cloud service models. These service models and deployment models are described in the following slides.
Let us have a look at cloud service models, beginning with infrastructure as a service. In the infrastructure as a service model, the capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, and deployed applications; and possibly limited control of select networking components (e.g., host firewalls).
In the platform as a service model, the capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the application-hosting environment.
In the software as a service model, the capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser (e.g., web-based email), or a program interface. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.
Let us understand cloud deployment models, beginning with public cloud. In the public cloud model, the cloud infrastructure is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider. A public cloud is a cloud infrastructure deployed by a provider to offer cloud services to the general public and organizations over the Internet. A provider typically has default service levels for all consumers of the public cloud. Public cloud services may be free, subscription-based, or provided on a pay-per-use model. Public cloud provides the benefits of low up-front expenditure on IT resources and enormous scalability. However, some concerns for the consumers include network availability, risks associated with multi-tenancy, limited or no visibility and control over the cloud resources and data, and restrictive default service levels.
In the private cloud model, the cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers (for example, business units). It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises. A private cloud is a cloud infrastructure that is set up for the sole use of a particular organization. The cloud services implemented on the private cloud are dedicated to consumers, such as the departments and business units within the organization. Many organizations may not wish to adopt public clouds as they are accessed over the open Internet and used by the general public. When compared to a public cloud, a private cloud offers an organization a greater degree of privacy, and control over the cloud infrastructure, applications, and data. The private cloud model is typically adopted by larger-sized organizations that have the resources to deploy and operate private clouds. There are two variants of a private cloud: on-premise and externally-hosted. These are described in the subsequent slides.
The on-premise private cloud, also known as an internal cloud, is hosted by an organization on its data centers within its own premises. The on-premise private cloud model enables an organization to have complete control over the infrastructure and the data. In this model, the organization’s IT department is typically the cloud provider. In some cases, a private cloud may also span across multiple sites of an organization, with the sites interconnected via a secure network connection. The on-premise private cloud model enables an organization to standardize IT resources, management processes, and cloud services. Standardization simplifies the private cloud environment and the infrastructure management process, and creates an opportunity to save operational costs. Standardization also helps in automation of resource and service management. Organizations choosing the on-premise private cloud approach would incur significant capital expenditure for the IT resources as compared to the public cloud approach. This may give rise to challenges regarding the infrastructure size and the resource scalability. The on-premise private cloud model is best suited for organizations that require complete control over their infrastructure, resource configurations, applications, data, and security mechanisms.
In the externally-hosted private cloud model, an organization outsources the implementation of the private cloud to an external cloud provider. The cloud infrastructure is hosted on the premises of the external provider and not within the consumer organization’s premises. The provider manages the cloud infrastructure and facilitates an exclusive private cloud environment for the organization. The organization’s IT infrastructure connects to the externally-hosted private cloud over a secure network. The provider enforces security mechanisms in the private cloud as per the consumer organization’s security requirements. As organizations can rent the required cloud resources from the provider, the externally-hosted private cloud model can save on the capital expenditure associated with IT resources.
In the community cloud model, the cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns, for example, mission, security requirements, policy, and compliance considerations. It may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them, and it may exist on or off premises. In a community cloud, the organizations participating in the community typically share the cost of the community cloud service. As the costs are shared by a smaller number of consumers compared to a public cloud, this option may be more expensive. However, a community cloud may offer a higher level of control and protection against external threats than a public cloud. There are two variants of a community cloud: on-premise and externally-hosted. These are described next.
In an on-premise community cloud, one or more participant organizations provide cloud services that are consumed by the community. Each participant organization may provide cloud services, consume services, or both. At least one community member must provide cloud services for the community cloud to be functional. The cloud infrastructure is deployed on the premises of the participant organizations providing the cloud services. The organizations consuming the cloud services connect to the clouds of the provider organizations over a secure network. The figure on the slide depicts an on-premise community cloud, the services of which are consumed by enterprises P, Q, and R. The community cloud comprises two cloud infrastructures that are deployed on the premises of Enterprise P and Enterprise Q, and combined to form a community cloud.
In the externally-hosted community cloud model, the participant organizations of the community outsource the implementation of the community cloud to an external cloud provider. The cloud infrastructure is hosted on the premises of the external cloud provider and not within the premises of any of the participant organizations. The provider manages the cloud infrastructure and facilitates an exclusive community cloud environment for the participant organizations. Unlike an on-premise community cloud, the participant organizations can save on the up-front costs of IT resources.
In the hybrid cloud model, the cloud infrastructure is a composition of two or more distinct cloud infrastructures such as private, community, or public that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (for example, cloud bursting for load balancing between clouds). There can be several possible compositions of a hybrid cloud as each constituent cloud may be of one of the five variants discussed previously. As a result, each hybrid cloud has different properties in terms of parameters such as performance, cost, security, and so on. A hybrid cloud may change over time as component clouds join and leave. In a hybrid cloud environment, the component clouds are combined through the use of open or proprietary technology, such as interoperable standards, architectures, protocols, data formats, application programming interfaces (APIs), and so on. The use of such technology enables data and application portability between clouds. The figure on the slide depicts a hybrid cloud that is composed of an on-premise private cloud deployed by enterprise Q and a public cloud serving enterprise and individual consumers in addition to enterprise Q.
This module covered infrastructure as a service, platform as a service, and software as a service. It also covered public cloud, private cloud, community cloud, and hybrid cloud.
This module focuses on the actors or entities in a cloud environment and cloud infrastructure of a cloud provider.
A cloud environment consists of a set of actors that have key roles in the realm of cloud computing. The U.S. National Institute of Standards and Technology (NIST), in its special publication 500-291, version 2, defines five major actors in a cloud environment. They are cloud consumer, cloud broker, cloud auditor, cloud carrier, and cloud provider. Each actor is an entity such as a person or an organization that performs specific functions in cloud computing. These actors and their interactions with each other are detailed in the following slides.
The figure on the slide shows the interactions between the actors in a cloud environment. A cloud consumer may request cloud services from a cloud provider directly or via a cloud broker. A cloud auditor conducts independent audits and may contact the others to collect necessary information. The cloud carrier is the organization that provides connectivity and access to cloud services. The subsequent slides will provide detailed information about each actor.
A cloud consumer browses the service catalog from a cloud provider, requests the appropriate service, sets up service contracts with the cloud provider, and uses the service. The cloud consumer may be billed for the service provisioned, and needs to arrange payments accordingly.
Depending on the service model used by the cloud provider, the services available to and requested by the consumers can be different as shown on the slide. For infrastructure as a service, consumers access virtual machines, network-accessible storage, network infrastructure components, and other fundamental computing resources, on which consumers can deploy and run arbitrary software. The consumers of infrastructure as a service can be system developers, system administrators, and IT managers who manage services for IT infrastructure operations. Consumers are billed for the amount of infrastructure resources consumed. For platform as a service, cloud consumers employ the tools and execution resources provided by the cloud providers for the purpose of developing, testing, deploying, and managing applications hosted in a cloud. Platform as a service consumers can be application developers who design and implement application software, application testers who run and test applications in various clouds, application deployers who publish applications into a cloud, and application administrators who configure and monitor application performance on a platform. Consumers can be billed by the number of consumers, the type of resources consumed by the platform, or the duration of the platform usage. The software as a service consumers can be organizations that provide their members with access to software applications, end users who directly use software applications, or software application administrators who configure applications for end users. The consumers access and use applications on demand, and can be billed on the number of consumers, the time in use, the network bandwidth consumed, or the amount of data stored.
Let us have a look at the steps followed by a cloud consumer to request or order cloud services. A service catalog typically provides a link such as a hypertext or hyperlink button to request a service. After clicking the designated link, a consumer is commonly asked to submit a web form with a few drop-down menus, check boxes, radio buttons, and text boxes to describe the required resources, their configurations, usage of service, and so on. The providers usually make an effort to simplify the form for consumer use, abstracting the underlying resource allocation details. For example, a platform as a service consumer may specify the consumer’s application requirements and database usage while requesting a database service from a provider. This high-level service request is translated into its constituent resource requests such as number of virtual machines, amount of memory, operating system, and database configuration. A consumer must also agree to the contract terms associated with the selected service before submitting the form to complete the service ordering. The slide shows a partial view of the web form for ordering EMC’s private cloud database service.
The U.S. National Institute of Standards and Technology defines a cloud broker as an entity that manages the use, performance, and delivery of cloud services, and negotiates relationships between cloud providers and cloud consumers. A cloud consumer may request cloud services from a cloud broker, instead of contacting a cloud provider directly. The cloud broker acts as an intermediary between cloud consumers and providers, helps the consumers through the complexity of cloud service offerings, and may also create value-added cloud services. The National Institute of Standards and Technology states that a cloud broker provides services in three categories: service intermediation, service aggregation, and service arbitrage. In service intermediation, a cloud broker enhances a given service by improving some specific capability and providing value-added services to cloud consumers. Some improvements in the capability include access management of cloud services, identity management, performance reporting, and security enhancement. In service aggregation, a cloud broker combines multiple cloud services into one or more new services. The broker provides data and service integration and ensures the secure data movement between the cloud consumer and multiple cloud providers. Once established, such brokered services are usually fixed and do not change often. Service arbitrage is similar to service aggregation, with the exception that the services being combined may vary. A cloud broker has the flexibility to choose services from multiple service providers. For example, a broker may provide multiple e-mail services through a common interface, wherein the number and type of e-mail services may vary.
According to the U.S. National Institute of Standards and Technology, a cloud auditor is a party that can conduct independent assessment of cloud services, information system operations, performance, and the security of a cloud computing implementation. Auditing of the cloud infrastructure can be performed by internal auditors of an organization or external auditors from an external organization. A cloud auditor can evaluate the services provided by a cloud provider in terms of security controls, privacy impact, performance, and adherence to service level agreement parameters. While performing security auditing, for example, a cloud auditor can make an assessment of the security controls in the information system. The assessment helps in determining the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to the security requirements for the system. The security auditing should include the verification of the compliance with regulation and security policy.
A cloud carrier acts as an intermediary that provides connectivity and transport of cloud services between cloud consumers and cloud providers. Cloud carriers provide access to consumers through network, telecommunication, and other access devices. The distribution of cloud services is normally provided by network and telecommunication carriers or a transport agent. A transport agent refers to a business organization that provides physical transport of storage media such as high-capacity hard drives. For example, a cloud carrier organization may be responsible for enabling private or virtual private network connections between cloud consumers and cloud providers or between a cloud provider’s data centers. Further, if consumers use the Internet to connect to cloud services, then the cloud carrier is the Internet Service Provider (ISP). A cloud provider may establish an agreement with a cloud carrier to provide services consistent with the service level offered to cloud consumers.
A cloud provider builds and manages the cloud infrastructure required for providing the cloud services, provisions the services at agreed-upon service levels, and protects the security and privacy of the services. Let us have a look at the structure of a generalized cloud infrastructure. A cloud infrastructure can be partitioned into five logical layers in which the upper layer has a dependency on the lower layer. The five layers in the cloud infrastructure are physical layer, virtual layer, control layer, service orchestration layer, and service layer. Each of these layers groups a set of elements that may exist in a cloud computing environment, their relationships, and functions. Additionally, three cross-layer functions are required in a cloud infrastructure, which span all the layers of the infrastructure. The three cross-layer functions are business continuity, security, and service management. Business continuity and security functions specify various activities and processes that are required to offer reliable and secure cloud services to the consumers. Service management function specifies various activities and processes that enable the cloud administrators to meet the business requirements and the service level objectives (SLO) of the provider. These layers and cross-layer functions of cloud infrastructure are described in the following slides.
The physical layer comprises compute, storage, and network resources, which are the fundamental physical computing resources that make up a cloud infrastructure. Physical compute systems may host the applications that a provider offers as services to consumers. The compute systems also run the software used by the provider to manage the cloud infrastructure and to deliver services. A cloud provider may also offer compute systems to consumers for hosting their applications in the cloud. Storage systems store business data and the data generated or processed by the applications deployed on the compute systems. Storage capacity may be offered along with a compute system or separately. Networks connect compute systems with each other and with storage systems. A network, such as a local area network (LAN), connects physical compute systems to each other, which enables the applications running on the compute systems to exchange information. A storage area network (SAN) connects the compute systems to the storage systems, which enables the applications to access data from the storage systems. If a cloud provider uses physical computing resources from multiple cloud data centers, then the distributed computing resources are connected over a network. Networks also enable connections among clouds— as in the case of the hybrid cloud model—to enable them to share cloud resources and services.
Virtual layer is deployed on the physical layer. It comprises virtual compute systems known as virtual machines (VMs), virtual storage such as LUN, and virtual networks such as virtual LAN (VLAN). Virtual machines may host the applications that a provider offers as services to consumers. They also run the software used by the provider to manage the cloud infrastructure and to deliver services. A cloud provider may also offer virtual machines to consumers for hosting their applications in the cloud. LUNs store business and consumer’s data. LUNs may be offered along with a virtual machine or separately as a storage service. Virtual LANs function as independent networks and enable or restrict communication between the virtual machines.
Virtualization software deployed on physical compute systems, network devices, and storage systems performs the abstraction of the physical resources and makes them appear as virtual resources. Through abstraction, the virtualization software enables pooling of physical resources. It pools physical resources upon receiving a request from the control layer. It also executes requests for allocating resources from the pools to the virtual resources. For example, a specific amount of processing power and memory capacity can be allocated to a virtual machine from a compute resource pool, based on allocation requests. Abstracting the physical resources also enables a multitenant environment, thereby improving utilization of the physical resources. Note: While deploying cloud infrastructure, organizations may choose not to deploy virtual layers. In such an environment, the control layer is deployed over the physical layer and it can directly request the physical layer to perform an operation. Further, it is also possible that part of the infrastructure is virtualized and the rest is not virtualized.
The control layer comprises the control software that is responsible for managing and controlling the underlying cloud infrastructure resources. The control software provides the management interface for configuring, provisioning, and monitoring resources. On receiving the provisioning requests from the orchestration layer, it interacts with appropriate virtual and physical layer components. Through the interaction, the control software enables provisioning of IT resources for cloud services. It also enables the sizing of resource pools and the allocation of resources from the pools to fulfill the service requests. Additionally, it provides information about the resources provisioned or consumed by services, which is required to generate bills.
Service orchestration refers to the automated arrangement, coordination, and management of various system or component functions in a cloud infrastructure to provide and manage cloud services. The service orchestration layer comprises a purpose-designed orchestration software or orchestrator that orchestrates the execution of various system functions. The orchestrator programmatically integrates and sequences various system functions into automated workflows for processing service provisioning and management requests, issued from the self-service portal. The self-service portal is the key component of the service layer that transfers service requests to the orchestrator, which in turn interacts with the appropriate systems based on pre-defined workflows. Through the interaction, the orchestrator coordinates and sequences execution of the system functions and responds back to the portal with updated service information. The examples of a system that takes part in the interaction are directory service, service management tools, control software, configuration management system (CMS), and billing system. The orchestration workflows are not only meant for fulfilling the requests from the consumers but also for administering cloud infrastructure such as adding resources to a resource pool, handling service-related issues, scheduling a backup for a service, billing, and reporting.
The orchestrator commonly provides a library of predefined workflows in addition to an interface for cloud administrators or architects to define workflows. The orchestrator leverages the predefined and the user-defined workflows to orchestrate service provisioning and management processes. It triggers an appropriate workflow upon receiving a request from the self-service portal and ensures that the execution of system functions is sequenced as per the workflow. In this use case, a consumer logs on to the cloud portal and orders a DB2 database platform (PaaS) from the service catalog. The database platform is ordered to support the consumer’s application. The request is routed to the orchestrator, which triggers a workflow to fulfill this request. After this request is fulfilled, the consumer’s application can access the deployed database as needed. The figure on the slide shows a sample workflow defined in the orchestrator to provision a DB2 database.
The service layer comprises the self-service portal, which is the access point (usually web-based) to a cloud. The self-service portals are hosted on one or more (for redundancy and workload balancing) compute systems, called portal servers. Portals are created using specialized development tools, called portal software. The portal software enables a provider to design and publish the self-service portal. A consumer may use the uniform resource locator (URL) of the self-service portal to log on to the portal. The self-service portal presents the service catalog and the cloud interfaces. The service catalog lists and describes the service offerings along with their attributes, service level, terms and conditions for provisioning, and prices. It allows a consumer to request or order a service in a self-service way. Cloud interfaces are the management interface and the functional interface of rented services. The management interface is a self-service interface that enables consumers to control their use of rented services. For example, a consumer can monitor, modify, scale, start, and stop rented services using the management interface. The functional interface enables consumers to perform computing activities using service functions. The graphical user interface (GUI) of a business application offered as a service is an example of the functional interface. The self-service portal is also accessed by the cloud administrators to manage the cloud infrastructure.
Let us understand the cross-layer functions, beginning with business continuity. Business continuity covers all methods and activities that a cloud provider must accomplish to mitigate the impact of service outage. It prevents the interruption of mission-critical services, and re-establishes the impacted services as swiftly and smoothly as possible. It helps the cloud providers to meet the committed service availability. With the aim of meeting the required service availability, the cloud provider should implement the necessary business continuity methods. Some common business continuity methods for building a resilient cloud infrastructure are:
• Deploying redundancy at both the cloud infrastructure component level and at the site (data center) level to avoid single point of failure.
• Deploying data protection solutions such as backup and replication and automating them as much as possible.
• Implementing an automated cloud service failover from one service availability zone to another.
• Architecting resilient cloud applications so that they are immune against failure of one or more application modules and continue the operation without any downtime.
Cloud security includes all the administrative and technical mechanisms that are necessary for mitigating security threats and providing a secure cloud environment. Administrative mechanisms include security and personnel policies or standard procedures to direct the safe execution of various operations. Technical mechanisms are usually implemented through security tools or devices deployed on the cloud infrastructure. The technical mechanisms are detailed in the following slides.
Let us have a look at some of the technical security mechanisms. These mechanisms are implemented at compute, storage, network, and application levels. Identity and access management is the process of managing user authentication and authorization. Cloud consumers are authenticated and authorized by the web servers at the cloud, which communicate with the cloud internal or external directory servers to collect user information. A cloud provider may also use federated identity management (FIM) for authentication. Federated identity management involves exchanging identity attributes between a cloud provider and an identity provider in a secure way. This enables the cloud providers to offer services without implementing their own authentication system. Furthermore, the implementation of multi-factor authentication helps in authenticating a consumer with more than one factor. A consumer’s access to the cloud is granted only when all the required factors are validated. Role based access control helps in restricting access to authorized users, based on their respective roles. A role may represent a job function. For example, a user having tenant admin role can create and remove tenant users within a tenant organization. However, a user having tenant user role can only access the assigned services. Cloud administrators too, depending on their role, can monitor tenant resource and cloud configuration status and may change the settings. An intrusion detection and prevention system (IDPS) detects and stops events that can compromise the confidentiality, integrity, or availability of cloud resources. A virtual private network (VPN) can be used to provide a consumer a secure connection to the cloud resources. It is also used in a hybrid cloud, externally hosted private cloud, or community cloud environment to provide a secure site-to-site connection. Firewalls can be used in a DMZ configuration which filters information based on IP address, port ID, protocol, etc.
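The multi-factor and role-based rules above can be combined into one deny-by-default authorization check. The following Python sketch is an added example, not part of the course material; the role names follow the text, while the action names, the required factor list, and the sample sessions are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

# Role names come from the text; the action names and the factor list are
# assumptions made for this sketch.
ROLE_ACTIONS = {
    "tenant_admin": {"create_user", "remove_user"},
    "tenant_user": {"use_service"},
}
REQUIRED_FACTORS = frozenset({"password", "otp"})


@dataclass
class Session:
    user: str
    tenant: str
    role: str
    validated_factors: set = field(default_factory=set)
    assigned_services: set = field(default_factory=set)


def authorize(session, action, target_tenant, service=None):
    """Return (allowed, reason) for one request; any failed check denies."""
    # Multi-factor rule: access only when all required factors are validated.
    missing = REQUIRED_FACTORS - session.validated_factors
    if missing:
        return False, "unvalidated factor: " + ",".join(sorted(missing))
    # Role rule: the role must exist and must list the requested action.
    allowed_actions = ROLE_ACTIONS.get(session.role)
    if allowed_actions is None:
        return False, "unknown role"
    if action not in allowed_actions:
        return False, "role does not permit action"
    # Tenancy rule: a role is valid only inside the user's own tenant.
    if target_tenant != session.tenant:
        return False, "outside own tenant"
    # Tenant users reach only the services assigned to them.
    if action == "use_service" and service not in session.assigned_services:
        return False, "service not assigned"
    return True, "granted"


def run_constructed_requests():
    """Evaluate constructed sample requests and return the decisions."""
    both = {"password", "otp"}
    admin = Session("alice", "tenant-a", "tenant_admin", set(both))
    user = Session("bob", "tenant-a", "tenant_user", set(both), {"db-service"})
    half = Session("carol", "tenant-a", "tenant_admin", {"password"})
    requests = [
        (admin, "create_user", "tenant-a", None),
        (admin, "remove_user", "tenant-b", None),
        (user, "use_service", "tenant-a", "db-service"),
        (user, "use_service", "tenant-a", "mail-service"),
        (user, "create_user", "tenant-a", None),
        (half, "create_user", "tenant-a", None),
    ]
    return [(s.user, a, authorize(s, a, t, svc)) for s, a, t, svc in requests]


if __name__ == "__main__":
    for user, action, (allowed, reason) in run_constructed_requests():
        print(f"{user:6} {action:12} {'ALLOW' if allowed else 'DENY':5} {reason}")
```

The order of the checks matters: authentication is evaluated before any role lookup, so a session with an unvalidated factor never learns which actions its role would have permitted.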
Data encryption is a cryptographic technique in which data is encoded and made indecipherable to the hackers. Data encryption helps securing data in-flight and at-rest. Data encryption provides protection from threats such as tampering with data, media theft, and sniffing attacks. Data shredding is the process of deleting data or residual representations of data and making it unrecoverable. After consumers discontinue the cloud service, their data or residual representations may still reside in the cloud infrastructure. An attacker may perform unauthorized recovery of consumer’s data to gain confidential information. Shredding techniques such as overwriting and degaussing help in mitigating such a risk. Port binding limits the devices that can be attached to a specific switch port. In an Ethernet network, for example, port binding maps the MAC address and IP address of a compute system to a specific switch port. The switch forwards a packet received from the port only if the source MAC address and IP address carried in the packet have been bound to the port. VLAN and VSAN ensure security by providing isolation of data over a shared infrastructure. They ensure secure separation of network traffic of a consumer from other consumers. Hypervisor, virtual machine, operating systems, and application can be hardened by installing current updates or patches and eliminating non-essential utilities which are vulnerable to attacks.
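The port binding rule described above, modeled as the forwarding decision a switch makes per frame. This Python sketch is an added example, not part of the course material; the port names, MAC addresses, and IP addresses are constructed sample values, and treating a port with no binding as "drop" is an assumption of the sketch.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Frame:
    ingress_port: str
    src_mac: str
    src_ip: str


def normalize_mac(mac):
    """Canonical lower-case, colon-separated form so comparisons are exact."""
    digits = mac.lower().replace("-", "").replace(":", "").replace(".", "")
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError("not a MAC address: " + mac)
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


class PortBindingTable:
    """Maps each switch port to the MAC/IP pairs allowed to send through it."""

    def __init__(self):
        self.bindings = {}  # port -> {mac: ip}

    def bind(self, port, mac, ip):
        entry = self.bindings.setdefault(port, {})
        entry[normalize_mac(mac)] = ipaddress.ip_address(ip)

    def check(self, frame):
        """Return (forward, reason); both source MAC and IP must be bound."""
        bound = self.bindings.get(frame.ingress_port)
        if not bound:
            return False, "port has no binding"  # assumed default: drop
        try:
            mac = normalize_mac(frame.src_mac)
            ip = ipaddress.ip_address(frame.src_ip)
        except ValueError:
            return False, "malformed source address"
        if mac not in bound:
            return False, "source MAC not bound to port"
        if bound[mac] != ip:
            return False, "source IP not bound to this MAC on port"
        return True, "forward"


def run_constructed_frames():
    """Check constructed sample frames against two constructed bindings."""
    table = PortBindingTable()
    table.bind("eth1/1", "02:00:00:00:00:0a", "192.0.2.10")
    table.bind("eth1/2", "02:00:00:00:00:0b", "192.0.2.11")
    frames = [
        Frame("eth1/1", "02-00-00-00-00-0A", "192.0.2.10"),  # bound pair
        Frame("eth1/1", "02:00:00:00:00:0b", "192.0.2.11"),  # valid pair, wrong port
        Frame("eth1/1", "02:00:00:00:00:0a", "192.0.2.11"),  # bound MAC, other IP
        Frame("eth1/3", "02:00:00:00:00:0a", "192.0.2.10"),  # unbound port
        Frame("eth1/2", "02:00:00:00:00:0b", "not-an-ip"),   # malformed source
    ]
    return [table.check(f) for f in frames]


if __name__ == "__main__":
    for decision in run_constructed_frames():
        print(decision)
```

The second frame is the case worth noting: a MAC/IP pair that is legitimate elsewhere on the switch is still dropped when it arrives on a port it was not bound to.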
The U.S. National Institute of Standards and Technology describes that the cloud service management includes all of the service-related functions that are necessary for the management and operation of those services required by or proposed to cloud consumers. The cloud service management aligns the creation and delivery of cloud services to the provider’s business objectives and to the expectations of consumers. It is performed by the administrators of the provider’s organization. Cloud service management performs two key functions – service portfolio management and service operation management. Service portfolio management defines the suite of service offerings, aligning it to the provider’s strategic business goals. Cloud administrators responsible for service portfolio management make decisions to deliver those services that provide value and strategic advantage to the provider. They provide guidelines on how these services will be designed, implemented, supported, and priced. They also make investment decisions on services and ensure that services are delivered in the most cost-effective manner and as quickly as possible. Service operation management maintains cloud infrastructure and deployed services, ensuring that services and service levels are delivered as committed. Ideally, service operation management should be automated. To enable zero-touch service operation management, organizations typically deploy cloud service management tools. These tools automate many service operation management activities and their functions are programmatically integrated through orchestrated workflows.
This module covered cloud actors and cloud infrastructure.
This module focuses on various cloud standards for portability, interoperability, and security.
Cloud computing has been a matter of concern to many, largely because of portability and interoperability constraints and security worries. The presence of numerous cloud providers doing different tasks differently makes it difficult for consumers to compare and evaluate cloud offerings. Standardization enables buyers, sellers, consumers, and regulators to have confidence that products, services, processes, and systems meet specific requirements. It establishes conformity to specific feature set or quality level, which helps mitigating the portability, interoperability, and security concerns. The following slides describe various portability, interoperability, and security standards in cloud computing.
Portability in cloud means the ability to migrate data and application from one cloud to another without the need to recreate data and modify applications significantly. Standardization of cloud interface helps porting applications and data from one cloud provider to another without vendor lock-in issues and at an acceptable cost. Let us discuss some of the portability standards, beginning with Topology and Orchestration Specification for Cloud Applications or TOSCA. The Topology and Orchestration Specification for Cloud Applications is developed by Organization for the Advancement of Structured Information Standards (OASIS). It standardizes the language to define a cloud service. The standard defines both service structure and operational behavior of the service independent of any particular cloud provider or hosting technology. The structure of a service is modeled in a topology graph, which includes nodes or service components and their relationships. For example, a business application is hosted on a web server, the web server is hosted on an operating system, which in turn is hosted on a virtual machine. The operational behavior of a service is specified as plans, which are workflows for orchestrating operations such as deployment, modification, patching, and termination of services. Both the topology and plans are portable and can be interpreted by compliant cloud environments. This facilitates portable deployment of services to any compliant cloud.
Open Virtualization Format or OVF defined by the Distributed Management Task Force (DMTF) is an open standard for packaging and distribution of virtual appliances. Virtual appliances are preconfigured virtual machines that are ready to run on a hypervisor and typically include a preinstalled guest operating system and an application software to be run in the virtual machine. The standard enables packaging and deployment of services as virtual appliances and facilitates portability between various cloud platforms. The package includes metadata about virtual machines such as the number of processors and amount of memory required to run applications, and network configuration information. Metadata information can be used by a cloud platform to deploy a service. The package may also contain digital signatures to ensure the integrity of the virtual machines being deployed along with licensing information in the form of an End User License Agreement.
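A pre-deployment integrity check on an OVF package, as an added Python example that is not part of the course material. It assumes the OVF manifest convention of one `SHA256(<file>)= <hex digest>` line per packaged file, which the text above does not describe. It covers only the digest comparison: validating the signature over the manifest against a certificate is a separate step not shown here. The package contents are constructed in memory.

```python
import hashlib
import hmac
import re

# One manifest entry per line, e.g. "SHA256(disk1.vmdk)= 9f86d0..." (assumed format).
MANIFEST_LINE = re.compile(r"^(SHA1|SHA256)\((.+)\)=\s*([0-9a-fA-F]+)$")


def parse_manifest(text):
    """Return {file name: (algorithm, expected hex digest)}."""
    entries = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        match = MANIFEST_LINE.match(line)
        if match is None:
            raise ValueError(f"manifest line {lineno} is malformed")
        algo, name, digest = match.groups()
        if name in entries:
            raise ValueError(f"manifest lists {name} more than once")
        entries[name] = (algo.lower(), digest.lower())
    return entries


def verify_package(files, manifest_text, manifest_name="appliance.mf"):
    """Compare packaged files with the manifest; return a list of findings.

    files maps file name to content bytes. An empty list means every listed
    file matches and no unlisted file rides along in the package.
    """
    entries = parse_manifest(manifest_text)
    findings = []
    for name, (algo, expected) in sorted(entries.items()):
        if name not in files:
            findings.append((name, "missing from package"))
            continue
        actual = hashlib.new(algo, files[name]).hexdigest()
        if not hmac.compare_digest(actual, expected):
            findings.append((name, "digest mismatch"))
    # Content the manifest does not cover cannot be trusted either.
    for name in sorted(set(files) - set(entries) - {manifest_name}):
        findings.append((name, "not covered by manifest"))
    return findings


def build_sample_package():
    """Constructed sample: a descriptor, one disk, and a matching manifest."""
    files = {
        "appliance.ovf": b"<Envelope>constructed descriptor</Envelope>",
        "appliance-disk1.vmdk": b"constructed disk image bytes",
    }
    manifest = "".join(
        f"SHA256({name})= {hashlib.sha256(data).hexdigest()}\n"
        for name, data in files.items()
    )
    return files, manifest


if __name__ == "__main__":
    files, manifest = build_sample_package()
    print("intact:", verify_package(files, manifest))
    files["appliance-disk1.vmdk"] += b" modified after packaging"
    print("tampered:", verify_package(files, manifest))
```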
Interoperability in cloud means the ability to communicate, run software, and transfer data among multiple clouds. Standardization of cloud interface allows consumers to use their data and applications across multiple clouds. Let us discuss some of the interoperability standards, beginning with Open Cloud Computing Interface. The Open Cloud Computing Interface (OCCI) defined by the Open Grid Forum is a set of specifications for infrastructure-as-a-service management interface. The specifications can be applied to implement a vendor neutral interface for managing compute, network, and storage resources provided as a service. The specification can also be extended to support platform-as-a-service and software-as-a-service management interfaces. Cloud Infrastructure Management Interface (CIMI) defined by Distributed Management Task Force specifies a standard management interface for infrastructure-as-a-service offerings that allows consumers to manage their resource usage. The standard allows interoperability between consumers and multiple providers that offer compliant interface for managing cloud infrastructure, thereby helping to avoid vendor lock-in.
Cloud Data Management Interface (CDMI) defined by the Storage Networking Industry Association (SNIA) provides standard for both the management interface as well as the functional interface of a storage service. The functional interface enables an application to create, retrieve, update, and delete data from the cloud. The management interface can be used for managing containers of data, user accounts, access control, and billing. Cloud Application Management for Platforms (CAMP) defined by the Organization for the Advancement of Structured Information Standards (OASIS) is under development. It defines a management interface standard for platform-as-a-service that can be used to package, deploy, and manage applications onto any compliant cloud platform.
Let us have a look at some of the cloud security standards, beginning with Cloud Controls Matrix (CCM). The Cloud Controls Matrix defined by the Cloud Security Alliance (CSA) provides a controls framework that gives detailed understanding of security concepts and principles that are aligned to the Cloud Security Alliance guidance. The foundation of the Cloud Controls Matrix is based on other industry-accepted security standards, regulations, and controls frameworks such as the ISO 27001, ISO 27002, ISACA COBIT, PCI, and NIST. The Cloud Controls Matrix, published in Excel spreadsheet format, provides organizations with the needed structure related to information security in a cloud. It seeks to normalize security expectations, cloud taxonomy and terminology, and security measures implemented in the cloud.
The U.S. National Institute of Standards and Technology, in its special publication Guidelines on Security and Privacy in Public Cloud Computing (NIST SP 800-144), provides an overview of public cloud computing and the security and privacy challenges. The document discusses the threats, technology risks, and safeguards for public cloud environments, and provides the insight needed to make informed decisions on their treatment. The guidelines provided in the document are aimed at cloud consumers and state what consumers should consider when evaluating a potential cloud provider. Carrying on with its cloud mission, the National Institute of Standards and Technology released its special publication Cloud Computing Security Reference Architecture (NIST SP 500-299) in draft form for public comments. The document defines a cloud computing security reference architecture. The reference architecture identifies a set of security components that can be implemented in a cloud environment to secure the environment, the operations, and the data migrated to the cloud.
The European Network and Information Security Agency or ENISA has published several documents that provide guidelines and key requirements towards cloud security. They published “Procure Secure: A Guide to Monitoring of security service levels in cloud contracts” to provide guidelines on the procurement and the governance of cloud services. It breaks down key requirements that a consumer should look for in a cloud provider to ensure strict adherence to security rules.
They also published a report on governmental clouds with the aim to:
• Assist member states in implementing a national cloud strategy
• Establish an understanding of current barriers and suggest solutions to overcome those barriers
• Share the best practices
Moreover, the European Network and Information Security Agency published a paper that analyses how cloud providers, consumers, and government authorities can set up cloud security incident reporting schemes.
This module covered various cloud standards for portability, interoperability, and security.
This module focuses on the integration of social networking, mobile computing, and big data analytics with cloud computing.
The IT industry is in the midst of a massive technological and structural shift toward what industry analyst IDC calls the third platform. The first platform was based on mainframe computers. The second was personal computers and the client/server model, which dominated the IT landscape over the past few decades. The third platform is built on mobile computing, social networking, cloud services, and big data analytics technologies. Among the four pillars (cloud, mobile, social, and big data), cloud is the core and key enabler of third platform computing. Cloud provides the platform that supports the accessibility, agility, and scale required by the rise of social, mobile, and big data applications. Although these technologies are disruptive on their own, together they are revolutionizing business and creating new value. According to Gartner: “Without cloud computing, social interactions would have no place to happen at scale, mobile access would fail to be able to connect to a wide variety of data and functions, and information would be still stuck inside internal systems.” The following slides describe the integration of social, mobile, and big data with cloud computing.
A social network interconnects users through a variety of relationships such as friends and followers. Through these relationships users share content and messages, and create communities with similar interests. Social networking means forming connections between one user and another online using social networking websites. There are a number of social networking websites, such as the popular Facebook, LinkedIn, and Twitter. Social networks have seen massive growth, with millions of users participating across various social networking websites. As the social networks grow, the amount of IT resources needed to provide social networking services also grows, and cloud computing remains a viable solution to meet those needs.
Cloud computing and social networking can be used together. Their integration helps social networking services to take advantage of cloud computing. Let us discuss a few scenarios where cloud computing and social networking have intermingled. First, social networking websites can be hosted on a cloud platform. Second, a cloud can provide storage space for storing and sharing media uploaded by the users. Third, social applications related to social networking services can be developed and hosted on a cloud. These applications are created by third-party developers. They can be integrated into your page in a social networking site, and users who come to your page can also access them. Social applications cater to specific users’ interests and create a social media framework for the applications. Finally, cloud infrastructure can be created through social network constructs. The cloud infrastructure in a social network environment is called a social cloud. A social cloud provides a resource and service sharing framework that uses relationships established between users of a social network. For example, a social storage cloud can be used to store and share information among friends.
Mobile computing is human–computer interaction by which a computer is expected to be transported during normal usage. Mobile computing involves various entities such as mobile devices, mobile infrastructure, mobile applications, mobile software, and mobile services. Examples of mobile devices are laptops, smartphones, tablet computers, and wearable computers. Mobile infrastructure consists of network equipment, communication protocols, and technologies used by service providers offering mobile and wireless services. Mobile applications are consumer and enterprise mobile applications that run on mobile devices. They are typically available through application distribution platforms such as the Apple App Store, Google Play, Windows Phone Store, and BlackBerry App World. Mobile software includes mobile infrastructure software, mobile device management software, mobile security software, and mobile operating systems. They are designed to meet the characteristics and requirements of the mobile applications. Mobile service involves both consumer and enterprise mobile services as well as machine-to-machine communication services. The explosion of mobile applications and the tremendous rate of smartphone adoption are the key proliferators of mobile computing. According to IDC, worldwide smartphone shipments were expected to reach a total of 1.2 billion units in 2014. From there, total volumes will reach 1.8 billion units in 2018, resulting in a 12.3 percent compound annual growth rate (CAGR) from 2013 to 2018. To support this phenomenal growth, cloud computing seems to be a viable solution.
Mobile computing combined with cloud computing creates a new architecture called mobile cloud computing. In this architecture, data processing and data storage happen outside of mobile devices. A cloud infrastructure is used to perform computing-intensive activities and to store data of cloud-based mobile applications. Cloud-based mobile applications are accessible to mobile users through the application’s mobile interface. Mobile devices connect with a base station or a hotspot by a radio link such as 3G, 4G, Wi-Fi, and GPRS. The base station establishes the connections between the mobile devices and the mobile network. The mobile network delivers mobile user requests to a cloud through the Internet. User requests are processed in the cloud, which provides the requested cloud services to the users. Mobile cloud computing lets resource-constrained mobile devices utilize cloud resources. It also helps mobile devices to access centrally placed data from wide locations and scale their resource usage on-demand. Technologies such as HTML5, CSS3, hypervisor for mobile devices, and web 4.0 are expected to drive adoption of mobile cloud computing.
Big data is commonly characterized by four Vs: Volume, Variety, Velocity, and Value.
• Volume refers to the amount of data
• Variety refers to different types of data
• Velocity refers to the speed of data processing
• Value refers to the value generated from the big data
According to Gartner, big data is high-volume, high-velocity, and high-variety information assets that demand cost-effective, innovative forms of information processing for enhanced insight and decision making. Big data technologies are designed to economically extract value from very large volumes of a wide variety of data by enabling high-velocity capture, discovery, and analysis. Big data analytics involves capturing, organizing, and analyzing big data that can reveal insights hidden previously because of the amount of effort and spending required to extract them. With the right big data analytics tools in place, an organization can uncover hidden patterns, unknown correlations, market trends, customer preferences, and other useful information. This helps the organization to make informed decisions to boost its sales, increase efficiency, and improve operations, customer service, and risk management.
The cloud is an enabler for big data analytics. It can offer analytics tools, storage, compute, and database that support processing of large volume, high velocity, and varied types of big data. Cloud-based data analytics provide capabilities to capture and prioritize big data from trusted sources, perform data integration and analysis in real-time or near real-time, and manage data as per governance policies. Cloud computing is a natural fit for big data analytics. Big data environments require clusters of nodes that can scale up, down, out, or in as needed to support the processing of big data. A cloud supports rapid elasticity and on-demand resource provisioning. It can offer massive databases and advanced analytics tools that can drive business value. As a result, IT organizations are increasingly looking to cloud computing as a solution to support their big data projects.
This module covered the integration of social networking and cloud computing, the integration of mobile computing and cloud computing, and the integration of big data analytics and cloud computing.
This module focuses on EMC’s hybrid cloud solution, EMC’s cloud advisory services, VCE Vblock, VMware vCloud Suite, VMware vCloud Air, and RSA security solutions.
The EMC hybrid cloud solution unites the full strengths of private and public cloud. It integrates the best of EMC and VMware products and services, and empowers IT organizations to accelerate implementation and adoption of hybrid cloud infrastructure. The solution caters to customers who want to preserve their investment and make better use of their existing infrastructure and to those who want to build out new infrastructures dedicated to a hybrid cloud. The hybrid cloud solution enables:
• Complete management of the infrastructure service lifecycle
• On-demand access to and control of network bandwidth, servers, storage, and security
• Provisioning, monitoring, and management of the infrastructure services without IT administrator involvement
• Provisioning of backup, continuous availability, and disaster recovery services as part of the cloud service provisioning process
• Maximum asset utilization
The figure on the slide shows the key components of the solution.
EMC cloud advisory services help organizations to accelerate their journey to the cloud. With the EMC cloud advisory services, an organization can achieve the right mix of private, public, and hybrid cloud models for its key application workloads. EMC provides a cloud application strategy that is specific to the needs and activities of an organization. By providing the strategy, the advisory services perform the following activities:
• Highlight the business process support and service level requirements for key application workloads
• Evaluate the suitability of these applications for a migration to cloud
• Determine an optimal cloud model, among several architectural options, for application placement
• Provide the financial implications of moving these applications to cloud
VCE company, formed by Cisco and EMC with investments from VMware and Intel, accelerates the adoption of converged infrastructure. A converged infrastructure combines multiple hardware and software components into a single package. The package is pre-configured and offers centralized management of all components within the package. VCE, through Vblock systems, delivers the converged infrastructure that provides a platform for building a cloud. Vblock systems combine compute, storage, network, virtualization, security, and management components into a single package. Vblocks are pre-architected, preconfigured, pretested and have defined performance and availability attributes. Rather than customers buying and assembling individual IT infrastructure components, Vblock provides a validated solution and is factory-ready for deployment and production. This saves significant cost and deployment time associated with building a cloud infrastructure. The figure on the slide shows key components of a Vblock 720 system that are integrated into a single package. VCE also provides various cloud services as listed on the slide. These services accelerate the planning, design, and implementation of private, public, or hybrid clouds. VCE proven methodologies help to reduce cost, risk, and complexity of the transformation journey to the cloud.
VMware vCloud Suite is an integrated offering for building and managing a VMware vSphere private cloud. It provides operational efficiency, infrastructure agility, and operational control, which can lower cost, reduce downtime, and increase productivity for businesses. The vCloud Suite contains several products, such as:
• VMware vSphere that provides server virtualization platform
• vCenter Site Recovery Manager that enables policy-based disaster recovery
• vCloud Networking and Security that provides networking and security for a virtualized compute environment
• vCenter Operations Management Suite that helps in performance, capacity, and configuration management
• vCloud Automation Center that provides self-service and policy-based infrastructure provisioning
• vCloud Director that ensures secure provisioning of virtual data centers
• VMware Virtual SAN that provides a software-defined storage platform
• VMware NSX that delivers security and network virtualization
• IT Business Management Suite that enables financial management and budget analysis
vCloud Air is a hybrid cloud service operated by VMware. It is built on the VMware vSphere platform. vCloud Air makes it possible for users to migrate virtual machines and workloads both in and out of VMware’s public cloud using vSphere tools. It enables users to extend their on-premise private cloud into the public cloud with ease. vCloud Air is available in three primary infrastructure-as-a-service types, with more expected in future. The primary service types are dedicated cloud, virtual private cloud, and disaster recovery.
RSA, the security division of EMC, offers several security solutions that help organizations to mitigate the risk of operating in a cloud environment. Let us have a look at some of the key security solutions. RSA SecurID provides a two-factor authentication solution. It provides a reliable level of authentication by using a combination of a PIN and an authenticator that displays a one-time token code changing every 60 seconds. To access their resources, users combine their secret PIN with the token code that appears on their SecurID authenticator display at that given time. The result is a unique one-time password used to assure a user’s identity. RSA Archer eGRC solutions allow an organization to build an efficient, collaborative enterprise governance, risk and compliance (eGRC) program across IT, finance, operations, and legal domains. With RSA Archer eGRC, an organization can manage risks, demonstrate compliance, automate business processes, and gain visibility into corporate risk and security controls.
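The PIN-plus-token-code scheme described above for RSA SecurID can be illustrated from the verifying server's side. This is an added example, not RSA's code: SecurID's own algorithm is not given in this course, so the open HOTP/TOTP construction (RFC 4226/6238, HMAC-SHA1) with a 60-second step stands in for it, and the names `Verifier`, `token_code`, the 6-digit code length, the one-step clock-drift window, and the PIN-then-code passcode layout are assumptions.

```python
import hashlib
import hmac
import os
import struct

STEP_SECONDS = 60  # token code lifetime stated in the text
DIGITS = 6         # assumed code length


def hotp(seed: bytes, counter: int) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the counter, dynamically truncated."""
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def token_code(seed: bytes, unix_time: int) -> str:
    """Code the authenticator would display during the 60-second step of unix_time."""
    return hotp(seed, unix_time // STEP_SECONDS)


class Verifier:
    """Server side: checks something the user knows (PIN) and has (seeded token)."""

    def __init__(self, seed: bytes, pin: str, drift_steps: int = 1):
        self._seed = seed
        self._salt = os.urandom(16)
        self._pin_hash = self._hash_pin(pin)  # store a salted hash, never the PIN
        self._drift = drift_steps             # tolerated clock skew, in steps
        self._last_step = -1                  # highest step already accepted

    def _hash_pin(self, pin: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", pin.encode("utf-8"), self._salt, 100_000)

    def verify(self, passcode: str, now: int) -> bool:
        pin, code = passcode[:-DIGITS], passcode[-DIGITS:]
        # Evaluate both factors before deciding, so a failure does not
        # reveal which factor was wrong; compare in constant time.
        pin_ok = hmac.compare_digest(self._hash_pin(pin), self._pin_hash)
        current = now // STEP_SECONDS
        matched = None
        for step in range(max(0, current - self._drift), current + self._drift + 1):
            same = hmac.compare_digest(hotp(self._seed, step).encode(),
                                       code.encode("utf-8"))
            # A step at or below the last accepted one is a replay.
            if same and step > self._last_step:
                matched = step
        if pin_ok and matched is not None:
            self._last_step = matched  # burn the code: it is one-time
            return True
        return False


if __name__ == "__main__":
    demo_seed = b"12345678901234567890"  # constructed seed (the RFC 4226 test key)
    server = Verifier(demo_seed, pin="4821")
    passcode = "4821" + token_code(demo_seed, 65)
    print(server.verify(passcode, now=65))  # first use is accepted
    print(server.verify(passcode, now=70))  # same code again is rejected
```

The failed attempt with a wrong PIN does not consume the step, so a legitimate user can still log in with the same code inside its window.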
RSA Data Loss Prevention (DLP) solution discovers and monitors the location and flow of sensitive data such as credit card data, personally identifiable information (PII), and corporate intellectual property. Once it locates sensitive data, it can alert and educate designated personnel and enforce controls to prevent loss of sensitive data through email, web, PCs, smartphones, and so on, based on customizable policy. RSA Security Analytics helps security analysts to detect and investigate threats often missed by other security tools. It combines big data security collection, management, and analytics; full network and log-based visibility; and automated threat intelligence. This enables security analysts to better detect, investigate, and understand threats that they often could not easily see or understand before. RSA ECAT is an endpoint threat detection solution. It exposes malware and other threats, highlights suspicious activity for investigation, and instantly determines the scope of a compromise. These help security teams to stop advanced threats faster.
This module covered EMC’s hybrid cloud solution, EMC’s cloud advisory services, VCE Vblock, VMware vCloud Suite, VMware vCloud Air, and RSA security solutions.
This module focuses on cloud computing forecasts and the CIO sentiment survey conducted by IDC.
Cloud computing has proven to be one of the disruptive technologies, and its adoption is expected to grow in the future. Here, we have some cloud computing forecasts and market estimates. Industry analyst Gartner says cloud computing will become the bulk of new IT spend by 2016. According to Gartner, 2016 will be a defining year for cloud as private cloud begins to give way to hybrid cloud, and nearly half of large enterprises will have hybrid cloud deployments by the end of 2017. According to IDC, worldwide spending on public IT cloud services will reach nearly $108 billion by 2017. Over the forecast period of 2013 to 2017, public IT cloud services will have a compound annual growth rate (CAGR) of 23.5 percent, which is five times that of the IT industry as a whole. McKinsey and Company in its report “Disruptive technologies: Advances that will transform life, business, and the global economy” projects that the total economic impact of cloud technology could be $1.7 trillion to $6.2 trillion annually in 2025. It says that by 2025 most IT and web applications and services could be cloud delivered or enabled, and most businesses could be using cloud facilities and services for their computing resources. According to Forrester Research, the public cloud market is expected to reach $191 billion by 2020, which is a huge leap from the $58 billion in 2013.
In IDC’s CIO sentiment survey conducted during 2012, IDC identified a range of investment priorities for 2013 and beyond. The chart on the slide shows the eleven highest-rated investment categories. Of those, five are third platform technologies that include cloud computing. These technologies are highlighted on this chart with the arrows on the right. Clearly, CIOs have prioritized third platform technologies by their spending projections.
This module covered cloud computing forecasts from industry analysts and the position of cloud computing in IDC’s CIO sentiment survey.
This course covered the characteristics, benefits, service models, and deployment models of cloud computing. Next, it covered the entities that commonly exist in a cloud environment. Then, it described the emerging cloud standards for portability, interoperability, and security. It also covered the integration of social networking, mobile computing, and big data analytics with cloud computing. Then, it described EMC’s products, solutions, and services for cloud computing. Finally, it covered the prospects of cloud computing.